<div dir="ltr"><div>IMHO, I don't think you _have_ to use webservices, but, if you require to integrate back-end (external web platforms) facilities into the Sugar shell, ie., uploading entries from the journal to your platform, it will be convenient to use webservices approach, and in that case it would be easier (for you and the end-user) to place auth bits together.<br> </div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sun, Jun 8, 2014 at 3:48 PM, Prasoon Shukla <span dir="ltr"><<a href="mailto:prasoon92.iitr@gmail.com" target="_blank">prasoon92.iitr@gmail.com</a>></span> wrote:<br> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi all<div><br></div><div>This problem has been troubling me for a bit and I'd appreciate any help on this.</div> <div><br></div><div>So, first, I'll describe in short what I want to achieve and then we'll move on to the problem.</div> <div><br></div><div>I'm making an activity which is just a lightweight version of the browser activity. This activity is called social-help and the user can launch it using a shortcut. The activity opens to a <a href="http://discourse.org" target="_blank">Discourse</a> based forum.</div> <div><br></div><div>The user has the choice to login using either facebook, google, github, twitter or a yahoo account. Also, the user can make a standalone Discourse account, too, the usual way.</div><div><br></div><div> Now, the question. I've been told a few times to use the existing webservices mechanism to store a user's session so that the user won't need to login every time he opens the activity. However, there is no <i>need</i> for it, IMO. The activity, as I've mentioned already, is a web browser, of all things, and can happily store cookies so that users will be logged in every time they open the activity.</div> <div><br></div><div>So, what's the use of using the webservice mechanism in such a case?</div><div><br></div><div>Also, if we must use a webservice for logins, there is then the question of <i>which</i> auth system to use - there are five different OAuth systems and a native one, too. Also, discourse doesn't provide access tokens like facebook (say) and so, we'll need to do sometime like the PutLocker webservice - we'll need to <a href="https://github.com/ignaciouy/sugar-putlocker/blob/master/extensions/webservice/sugarupload/account.py#L43" target="_blank">store a plaintext password</a>. I am against this idea, however.</div> <div><br></div><div>So, the gist of it is this: Why use a webservice when the browser cookies work just fine? If we do use a webservice, then what exactly will be the mechanism underlying the whole thing (multiple OAuths and the like - how will we manage this)?</div> <div><br></div><div>Thanks. Looking forward to an answer.</div><div hspace="streak-pt-mark" style="max-height:1px"><img style="width:0px;max-height:0px" src="https://mailfoogae.appspot.com/t?sender=acHJhc29vbjkyLmlpdHJAZ21haWwuY29t&type=zerocontent&guid=bfd399e0-ace1-47fd-8549-3dba335c0637"><font color="#ffffff" size="1">ᐧ</font></div> </div> <br>_______________________________________________<br> Sugar-devel mailing list<br> <a href="mailto:Sugar-devel@lists.sugarlabs.org">Sugar-devel@lists.sugarlabs.org</a><br> <a href="http://lists.sugarlabs.org/listinfo/sugar-devel" target="_blank">http://lists.sugarlabs.org/listinfo/sugar-devel</a><br> <br></blockquote></div><br></div>